Aurora Corporate documentation

PGP encryption changes in v8.5

As of version 8.5 of Aurora Corporate, there are various important changes in functionality related to OpenPGP and Paranoid encryption, this article covers the most important changes.

  1. If you add a PGP key for email address which is different from your email addresses used (primary account or those linked to it), the key is considered an external one and it gets stored in contacts. If there's no contact with such email address in your personal address book, it will automatically be created.

  2. OpenPGP module works as a key management interface that offers basic encryption functionality used by other modules.
  3. Previously, Paranoid encryption was dealing with a separate AES key - now PGP is used there. The approach assumes that, for every file getting encrypted, new AES key is generated - and that key gets encrypted with user's private PGP key.

Thus, it's now required to have OpenPGP keys set up - while storing AES key separately is no longer needed.

If you already have files encrypted using a separate AES key, you will still be able to access those using the legacy approach.

  1. With the new encryption mechanism, it's now possible to share encrypted files and provide public link to those:

a. If an encrypted file is shared, its AES key is additionally encrypted with recipient's PGP keys;

b. If you share a folder, any encrypted files found there will not be shown to a recipient (that would require encrypting the full hierarchy of the folder tree);

c. When creating a public link for encrypted file, AES key will be either password-protected or encrypted with recipient's PGP key.